Vulnerability Details : CVE-2021-47006
In the Linux kernel, the following vulnerability has been resolved:
ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook
The commit 1879445dfa7b ("perf/core: Set event's default
::overflow_handler()") set a default event->overflow_handler in
perf_event_alloc(), and replace the check event->overflow_handler with
is_default_overflow_handler(), but one is missing.
Currently, the bp->overflow_handler can not be NULL. As a result,
enable_single_step() is always not invoked.
Comments from Zhen Lei:
https://patchwork.kernel.org/project/linux-arm-kernel/patch/20210207105934.2001-1-thunder.leizhen@huawei.com/
Products affected by CVE-2021-47006
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-47006
0.01%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-47006
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
1.8
|
3.6
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2024-11-07 |
References for CVE-2021-47006
-
https://git.kernel.org/stable/c/3ed8832aeaa9a37b0fc386bb72ff604352567c80
ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/a9938d6d78a238d6ab8de57a4d3dcf77adceb9bb
ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/7eeacc6728c5478e3c01bc82a1f08958eaa12366
ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/630146203108bf6b8934eec0dfdb3e46dcb917de
ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/dabe299425b1a53a69461fed7ac8922ea6733a25
ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/555a70f7fff03bd669123487905c47ae27dbdaac
ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/ed1f67465327cec4457bb988775245b199da86e6
ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/a506bd5756290821a4314f502b4bafc2afcf5260
ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook - kernel/git/stable/linux.git - Linux kernel stable treePatch
Jump to